So what are you complaining about? Is it that you want to use it? I can't see why anybody
I care about other people who will use it and have all of their keystrokes collected. I care about everyone who is being used and abused by vendor bullshit and the damage caused by breathtaking technology failures.
would use this except if they wanted to give feedback, it's not stable to use as a main OS and it's subject to change so useless for software and hardware testing.
I have no idea how stable it is and none of us know the degree to which future changes would invalidate current software testing results.
People making "useless" assertions have no data they are just hand waving. Quoting standard alpha/subject to change disclaimers is not a useful data point... it is just wild speculation.
It isn't a defense of Microsoft, it's a defense of
Seems like one to me.
being able to have a program such as this - purely an opt-in feedback program - that is open
As it stands if you want to try Windows 10 preview you can't even "opt-out" of keylogging forget about misleading "opt-in" BS..
and clear about its intention and not have to idiot-proof it for people like you.
Only idiots care about everything they type being uploaded to Microsoft.
By 2025 I predict very little will have changed because every time someone predicts the accumulation of dead labor will put the living out of work they end up being wrong.
More importantly I don't believe AI is going anywhere in the next 10 years... despite all advancements and R&D the technology has for decades been stuck in a search and pattern recognition jail.
Except a decade ago, you got 95% on a powerful desktop computer. Today you get 95% on a cellphone.
I wish this were true.
Cell phones barely have capability to select voice commands from a list if even that everything else is being pushed out "to the cloud"... there are no usable on-device voice recognition apps available at any price even though technology exists and devices are powerful enough all players either got bought out or can't compete with free.
They explicitly tell you all of this in no uncertain terms before you can even download the software. If you feel that would be "violating your privacy" then you wouldn't have signed up for it.
10 PRINT "You were informed" 20 PRINT "It's still a privacy violation" 30 GOTO 10
So why would you sign up for this program then?
As long as key logging cannot be turned off I would not use Windows 10 preview on a train nor plane. I would not use Windows 10 in a house or with a mouse. I would not use Windows 10 anywhere.
You can't even get the software without applying to participate in the program and the process of signing up is clogged with warnings that they collect information and links to a privacy policy that states quite plainly and clearly that they are broadly collecting data during your participation in the program.
I consider keylogging to be way over the top and will continue to call out and speak against vendor bullshit as I see fit.
Best of luck to you in your continued defense of Microsoft.
It's not a word game, it is very simple: your argument hinges on the use of a term (well actually you add a new synonym with every post to avoid the question) so define it. How does one avoid a "privacy violation" or "unacceptable behavior" or your newly added "fundamentally indefensible behavior" when you cannot define what they are?
Obviously everyone has different understandings of what these things represent as they are subjective terms.
Privacy for me stems from social contract / basic human need to be left alone. I don't want people judging me, watching me, acting against me, spying on me..etc. It creeps me out and provides unnecessary risk exposure in a number of contexts from vendor using information to maximally leverage their positions, LEA/third party doctrine fishing expeditions, hackers, peeping toms, avoidance of endless sea of people who harass with scams, junk snail mail, telephone calls, emails...etc.
Software that unnecessarily calls home when not necessary to carry out requested function or otherwise uploads information about me, my system or use of the software without explicitly asking first I consider to be violating my privacy.
These days most everyone seems to understand what privacy means as their privacy policies are quite adept at calling out all the ways they violate your privacy as they sell your data to the highest bidder.
More than anything Microsoft is selling trust and integrity without which they could not exist. I hope they reconsider the keylogger and explicit notification. If you ask people nicely to participate they will....there is nothing productive to be gained with asserting the right to do this kind of crap even if only a free beta... just fosters unnecessary bad press and negative opinions.
Now you're using the term "unacceptable behavior" to avoid the question, try again and define what you think "privacy violation" means.
No interest in playing subjective word games.
Spyware is still spyware even if the vendor clearly and unambiguously articulates all the ways their software spies on you.
I refuse to define privacy as something that ebbs and flows from a particular EULA. If your software spies on everything I do then it invades my privacy... it violates my privacy... plain and simple I don't give a shit if it asserts that right or spouts legal-ease to attempt to legitimize fundamentally illegitimate behavior.
You are welcome to think whatever you want. You might think because a company is up front about what they do then they get a pass or their actions become legitimate... You might think well since you get a choice to install or pass it concurrently is not a privacy violation when you knowingly go ahead. You are free and welcome to think in these terms. I refuse to do so.
I've uninstalled dozens of spywares and traffic redirect malwares from systems of friends and relatives uneventfully from add-remove programs with no magic. None of them had any clue... and the malware all seems to be leveraging this same bullshit to avoid legal entanglement. If the victim had read text enough while installing they would have been informed... but the business model depends on ignorance... Apple and most all vendors do this same shit with their million page EULA...nobody reads the fine print... fine print should not be a dumping ground to legitimize fundamentally indefensible behavior.
This is not something I will ever find legitimate no matter what word games are played or how loudly and proudly a vendor screams that their software is spyware.
It tells you in no uncertain terms that you do not have privacy when using it, that is not a "privacy violation" by any definition of the term. Perhaps you need to define what you think "privacy violation" means because you don't seem to understand the term.
Saying your going to breach my privacy does not change the fact you are doing it nor does it legitimize unacceptable behavior.
Getting angry doesnt change the facts, it is all in their privacy policy.
A companies privacy policy is a separate matter from the privacy and integrity I expect and demand from vendors. I have and will continue to refuse to entertain violators while speaking out against.
If you read that and still had an expectation of privacy you are an idiot
Of course it is unacceptable and of course I will have nothing to do with it until this is changed.
if you used it without reading the privacy policy then you are even more of an idiot.
No fuck that people should not have to be lawyers or domain experts to keep from getting fucked in the ass by corporate bullshit.
I hate to think of all the malware your computer has on it because you download and install everything offered on a website without bothering to find out what it is.
The lack of software on my computer is depressing.
Because it's explicitly a "technical preview" or "beta" or "pre-beta invite only" or "not intended for production" system.
If you don't have users doing what they normally do value of test is degraded. I get why MS throws those words around to set expectations and manage risk yet this does not change the fact they need users to be users for the public programs to be successful. Only finding out later your "production" software does not work on Windows 10 helps nobody.
Still a little foggy on the relationship to my simple question "why not ask?" and answer cuz its technical preview... I don't see the connection.. I don't understand why status alpha/beta/preview/whatever is related to asking users what kind of feedback they feel comfortable providing.
I've participated in numerous betas for other products like MMORPG games, and I always expected I was being watched and monitored.
A game is not an operating system it may not be prudent to lump all software into the same category.
For example suppose Tor network were to release a preview of next-gen Tor client with similar "telemetry" features which "enter text, we may collect typed characters"... no Tor user would accept those terms even though it may be just fine for a video game.
The operating system is the foundation upon which all other computing tasks are performed.. This scale of data leakage to include all entered text significantly limits acceptable uses and by extension usefulness of public testing.
I can't imagine that other vendors aren't collecting information in similar manner.
Seriously other people collect "typed characters" without qualification and no ability to stop it? This frankly seems absurd and out of line with industry practices. Are you or anyone able to name names in this regard? Who has done this in the past?
Why send out a beta if it's not going to give you useful data back before you release the production version?
The question presupposes collecting typed characters is necessary to provide useful feedback.
It just isn't fair... I'm sitting here typing this post on my Linux desktop, with the keylogger feature. When will Linux learn that we want to be spied on and desperately need a fucked up user interface?
I could get in big trouble for this, they made me sign an NDA but here's the pseudo-code:
function gatherTextData(field) {
if (field.type == "password") {
return ""
I think they've got a patent pending, it's pretty complicated stuff.
Then I would say we all have quite a lot to worry about. One small example many of us SSH into systems all day long and our passwords are not protected by your pseudo code there is no UI element explicitly marked password.
Anyway since your an insider with Microsoft you might want to have your team communicate algorithms and limits associated with collection activity clearly.
As it stands the only information publically available described in the privacy policy states:
"enter text, we may collect typed characters " it does not provide any qualifying limits of any kind on the *collection* activity although it does provide some qualification on *use* "and use them for purposes such as improving autocomplete and spellcheck features"
Neither does Windows 10. There is no key logger as you describe it. There is a disclaimer that they may send back *text*. The TFA is deliberately trying to stir a controversy by claiming that "some call that a key logger".
Text of privacy policy itself trumps masturbating about what it does or does not say.
"enter text, we may collect typed characters and use them for purposes such as improving autocomplete and spellcheck features.."
No, it will not send your passwords. Stop making asinine accusations based on mere speculation, deliberate misrepresentation and conjecture
If it collects text as it clearly grants itself that right and you type a password what is the basis for your assumption? How could Windows even know whether text entered is a password or otherwise protected sensitive/protected information? Does Windows 10 preview incorporate some manner of AI algorithm for making such determinations? If so there is nothing about it on their website.
The whole intent of this kind of program is to gather data as to how real world users are using the software. What applications are they loading, what settings are they changing, where do they get hung up, do things crash, etc. Bringing people into a focus group or lab setting isn't going to give the same results.
Name a browser that DOESN'T ping back home for auto-complete results? When you type into the address/search box, those results have to come from somewhere. The privacy policy is simply codifying this process.
Name a browser that doesn't allow you to turn it off.
Tell me what larger corporation concerned about information control is going to accept anything close to that?
Why did this get modded down? DLP is a multi-billion dollar affair.. While you may have different opinion it is fair to reason corporations will not be letting employees screw with preview for fears of data leakage.
It's an early test program. The entire reason that it exists is to see how people use it, whether the UI decisions make sense, and what the designers overlooked. It is not intended for normal use and it is not intended for production environments.
Not intended for normal use or production environments.. yet they still want to collect feedback... which excludes normal use of product? How does this work? Lets be real it is one thing for MS to spout these things to set expectations and CYA...reality is with any public test release like this guinea pigs are exactly what they are seeking.
Whatever happened to.. you know asking people what they think? Perhaps have them take a survey?
Seems like a better strategy than getting egg on your face in public with draconian data collection regime which only yields bad press and ensures far fewer would be willing to use it in the first place.
This isnt a new thing either; CM tends to have one or two new fairly irritating bugs per release, and generally lacks the polish of google's stock android.
Being new to Android I was impressed as snot what all worked and stability of the platform compared with what had been previously used to dealing with.
So far my gripes tend to mysteriously correct themselves in the next M update without ever having filed a single bug report. Flashlight app missing from quick menu - next M release it was there.
WiFi tethering borked - working in following release.
Pocket dialed 911 thank you crappy emergency dialer new M release new feature to disable digitizer based on proximity sensor was included.
Few stability problems had been experiencing appear to have stemmed from allowing battery level to drop below 10% prior to placing it on the charger.
Only remaining OS issue is lack of synchronization between running apps and task list. If you kill an app outside of UI it still appears in task list even though it is not executing.
root (not really that important for 90% of people, and generally a nuisance as actual workplaces require you to unroot to use email).
I couldn't live without root. Application firewalling, full shell access, tcpdump and iptables. Full backup images take just minutes to sdcard, operating system upgrades are painless and take less than a minute to install. If you have some cheesy enterprise policy not allowing your device to email blame your work. Asking a device if it is trustworthy is the same as asking a liar if they are being truthful. So much of what constitutes "enterprise security" these days is based on fundamentally unwinnable and impractical propositions designed to check boxes rather than provide actual security.
As has been pointed out root does utterly break the security model of Android by allowing for actual rootkits and persistent threats.
You know how I got root to begin with? On my locked down non-root, boot locked carrier fucked consumer device with the latest available firmware? I spent 5 minutes on Google and installed an APK that gave it to me. WTF is up with that? Android security appears to be total SHIT. Too many vulnerabilities allowed to persist for too long without any mechanism to address vulns across the board.
In CM you still have to explicitly grant applications superuser privileges... superuser manager manages grants. Having root by itself does not in and of itself increase your risk exposure. Only being a sucker and allowing malware to run as root does that.
Shitware vendors can do plenty of damage and maintain persistent spyware without root.
said, 3rd party roms are great, but they really arent suitable for a lot of people unless those people have a specific thing theyre looking to fix.
The awesome thing here - even a small fraction of a lot of people still adds up to millions.
If you're referring to GApps, its pretty normal to add the latest GApps to CM when you flash it.
Major reason I installed CM I refuse to have anything to do with GApps.
If you're referring to the Apps, what do you suppose would happen to free apps in a world where everyone was running a hosts-based adblocker?
The app market is a total failure and this would be why. Everyone expects something for free and nobody is willing to pay for quality product resulting in predictable self-fulfilling prophecy.
I also think it is disingenuous to speak of in terms of advertising when 'ads' know your phone number and have access to your physical location we are really talking about spyware supported applications not advertising supported applications.
Have you actually read the Xen Project's policy at http://www.xenproject.org/secu... - it is really quite inclusive and doesn't really discriminate against small service providers.
This is one of those games you can't win.
Being inclusive means your opsec is shit and you have effectively blabbered to *everyone* who has a stake in knowing. A secret known by all is no secret.
This is something that has always bothered me. If a teenager is sexting her boyfriend or girlfriend and they happen to get the number number and send a pic to me, I have child porn on my phone. It doesn't matter how it got there. It doesn't matter how fast I delete it. If there ever happens to be any investigation of me for any reason and they check my SMS messages at the phone company,
Pictures are not transmitted via SMS rather SMS is used to communicate an Internet URL your phone must follow to download multimedia content. You can turn off the automatic downloading part and still receive normal text messages.
Be warned LEA's ability to generate pretext is BOUNDLESS... aggregation of illogical laws and otherwise voting for dimwits spewing "zero tolerance" just makes it easier for our kings to throw whomever they dislike into their dungeons.
It is hard to believe with 25% of the worlds prisoners and quadrupling of incarceration rates over the past 30 years there are still people who honestly believe that crap about the United States being a "nation of laws". Keep dreaming...
Slashdot Mirror
Facebook sees what we post about. It knows who we interact with. It counts our likes, monitors our comments and even follows us around the Web.
Facebook is banned here, precisely for trying that shit. Facebook domains don't resolve.
Same here
So what are you complaining about? Is it that you want to use it? I can't see why anybody
I care about other people who will use it and have all of their keystrokes collected. I care about everyone who is being used and abused by vendor bullshit and the damage caused by breathtaking technology failures.
would use this except if they wanted to give feedback, it's not stable to use as a main OS and it's subject to change so useless for software and hardware testing.
I have no idea how stable it is and none of us know the degree to which future changes would invalidate current software testing results.
People making "useless" assertions have no data they are just hand waving. Quoting standard alpha/subject to change disclaimers is not a useful data point... it is just wild speculation.
It isn't a defense of Microsoft, it's a defense of
Seems like one to me.
being able to have a program such as this - purely an opt-in feedback program - that is open
As it stands if you want to try Windows 10 preview you can't even "opt-out" of keylogging forget about misleading "opt-in" BS..
and clear about its intention and not have to idiot-proof it for people like you.
Only idiots care about everything they type being uploaded to Microsoft.
By 2025 I predict very little will have changed because every time someone predicts the accumulation of dead labor will put the living out of work they end up being wrong.
More importantly I don't believe AI is going anywhere in the next 10 years... despite all advancements and R&D the technology has for decades been stuck in a search and pattern recognition jail.
Except a decade ago, you got 95% on a powerful desktop computer. Today you get 95% on a cellphone.
I wish this were true.
Cell phones barely have capability to select voice commands from a list if even that everything else is being pushed out "to the cloud" ... there are no usable on-device voice recognition apps available at any price even though technology exists and devices are powerful enough all players either got bought out or can't compete with free.
They explicitly tell you all of this in no uncertain terms before you can even download the software. If you feel that would be "violating your privacy" then you wouldn't have signed up for it.
So why would you sign up for this program then?
As long as key logging cannot be turned off I would not use Windows 10 preview on a train nor plane. I would not use Windows 10 in a house or with a mouse. I would not use Windows 10 anywhere.
You can't even get the software without applying to participate in the program and the process of signing up is clogged with warnings that they collect information and links to a privacy policy that states quite plainly and clearly that they are broadly collecting data during your participation in the program.
I consider keylogging to be way over the top and will continue to call out and speak against vendor bullshit as I see fit.
Best of luck to you in your continued defense of Microsoft.
It's not a word game, it is very simple: your argument hinges on the use of a term (well actually you add a new synonym with every post to avoid the question) so define it. How does one avoid a "privacy violation" or "unacceptable behavior" or your newly added "fundamentally indefensible behavior" when you cannot define what they are?
Obviously everyone has different understandings of what these things represent as they are subjective terms.
Privacy for me stems from social contract / basic human need to be left alone. I don't want people judging me, watching me, acting against me, spying on me..etc. It creeps me out and provides unnecessary risk exposure in a number of contexts from vendor using information to maximally leverage their positions, LEA/third party doctrine fishing expeditions, hackers, peeping toms, avoidance of endless sea of people who harass with scams, junk snail mail, telephone calls, emails...etc.
Software that unnecessarily calls home when not necessary to carry out requested function or otherwise uploads information about me, my system or use of the software without explicitly asking first I consider to be violating my privacy.
These days most everyone seems to understand what privacy means as their privacy policies are quite adept at calling out all the ways they violate your privacy as they sell your data to the highest bidder.
More than anything Microsoft is selling trust and integrity without which they could not exist. I hope they reconsider the keylogger and explicit notification. If you ask people nicely to participate they will....there is nothing productive to be gained with asserting the right to do this kind of crap even if only a free beta... just fosters unnecessary bad press and negative opinions.
Now you're using the term "unacceptable behavior" to avoid the question, try again and define what you think "privacy violation" means.
No interest in playing subjective word games.
Spyware is still spyware even if the vendor clearly and unambiguously articulates all the ways their software spies on you.
I refuse to define privacy as something that ebbs and flows from a particular EULA. If your software spies on everything I do then it invades my privacy... it violates my privacy... plain and simple I don't give a shit if it asserts that right or spouts legal-ease to attempt to legitimize fundamentally illegitimate behavior.
You are welcome to think whatever you want. You might think because a company is up front about what they do then they get a pass or their actions become legitimate... You might think well since you get a choice to install or pass it concurrently is not a privacy violation when you knowingly go ahead. You are free and welcome to think in these terms. I refuse to do so.
I've uninstalled dozens of spywares and traffic redirect malwares from systems of friends and relatives uneventfully from add-remove programs with no magic. None of them had any clue... and the malware all seems to be leveraging this same bullshit to avoid legal entanglement. If the victim had read text enough while installing they would have been informed... but the business model depends on ignorance... Apple and most all vendors do this same shit with their million page EULA...nobody reads the fine print ... fine print should not be a dumping ground to legitimize fundamentally indefensible behavior.
This is not something I will ever find legitimate no matter what word games are played or how loudly and proudly a vendor screams that their software is spyware.
It tells you in no uncertain terms that you do not have privacy when using it, that is not a "privacy violation" by any definition of the term. Perhaps you need to define what you think "privacy violation" means because you don't seem to understand the term.
Saying your going to breach my privacy does not change the fact you are doing it nor does it legitimize unacceptable behavior.
So what's your issue? It seems pretty clear.
The fact this is an unacceptable privacy violation is crystal clear.
Getting angry doesnt change the facts, it is all in their privacy policy.
A companies privacy policy is a separate matter from the privacy and integrity I expect and demand from vendors. I have and will continue to refuse to entertain violators while speaking out against.
If you read that and still had an expectation of privacy you are an idiot
Of course it is unacceptable and of course I will have nothing to do with it until this is changed.
if you used it without reading the privacy policy then you are even more of an idiot.
No fuck that people should not have to be lawyers or domain experts to keep from getting fucked in the ass by corporate bullshit.
I hate to think of all the malware your computer has on it because you download and install everything offered on a website without bothering to find out what it is.
The lack of software on my computer is depressing.
Because it's explicitly a "technical preview" or "beta" or "pre-beta invite only" or "not intended for production" system.
If you don't have users doing what they normally do value of test is degraded. I get why MS throws those words around to set expectations and manage risk yet this does not change the fact they need users to be users for the public programs to be successful. Only finding out later your "production" software does not work on Windows 10 helps nobody.
Still a little foggy on the relationship to my simple question "why not ask?" and answer cuz its technical preview... I don't see the connection.. I don't understand why status alpha/beta/preview/whatever is related to asking users what kind of feedback they feel comfortable providing.
I've participated in numerous betas for other products like MMORPG games, and I always expected I was being watched and monitored.
A game is not an operating system it may not be prudent to lump all software into the same category.
For example suppose Tor network were to release a preview of next-gen Tor client with similar "telemetry" features which "enter text, we may collect typed characters" ... no Tor user would accept those terms even though it may be just fine for a video game.
The operating system is the foundation upon which all other computing tasks are performed.. This scale of data leakage to include all entered text significantly limits acceptable uses and by extension usefulness of public testing.
I can't imagine that other vendors aren't collecting information in similar manner.
Seriously other people collect "typed characters" without qualification and no ability to stop it? This frankly seems absurd and out of line with industry practices. Are you or anyone able to name names in this regard? Who has done this in the past?
Why send out a beta if it's not going to give you useful data back before you release the production version?
The question presupposes collecting typed characters is necessary to provide useful feedback.
It just isn't fair... I'm sitting here typing this post on my Linux desktop, with the keylogger feature. When will Linux learn that we want to be spied on and desperately need a fucked up user interface?
Ubuntu search has your back.
I could get in big trouble for this, they made me sign an NDA but here's the pseudo-code:
function gatherTextData(field) {
if (field.type == "password") {
return ""
I think they've got a patent pending, it's pretty complicated stuff.
Then I would say we all have quite a lot to worry about. One small example many of us SSH into systems all day long and our passwords are not protected by your pseudo code there is no UI element explicitly marked password.
Anyway since your an insider with Microsoft you might want to have your team communicate algorithms and limits associated with collection activity clearly.
As it stands the only information publically available described in the privacy policy states:
"enter text, we may collect typed characters " it does not provide any qualifying limits of any kind on the *collection* activity although it does provide some qualification on *use* "and use them for purposes such as improving autocomplete and spellcheck features"
Neither does Windows 10. There is no key logger as you describe it. There is a disclaimer that they may send back *text*. The TFA is deliberately trying to stir a controversy by claiming that "some call that a key logger".
Text of privacy policy itself trumps masturbating about what it does or does not say.
"enter text, we may collect typed characters and use them for purposes such as improving autocomplete and spellcheck features.."
No, it will not send your passwords. Stop making asinine accusations based on mere speculation, deliberate misrepresentation and conjecture
If it collects text as it clearly grants itself that right and you type a password what is the basis for your assumption? How could Windows even know whether text entered is a password or otherwise protected sensitive/protected information? Does Windows 10 preview incorporate some manner of AI algorithm for making such determinations? If so there is nothing about it on their website.
No, you're testing. You have no expectation of privacy.
The fuck I don't.
This isn't a product they're selling or a service they're offering.
Last I checked they are offering it for download from their website.
If you don't want to be monitored the solution is simple: Don't test.
When there are problems at launch or the market rejects it the way it did Windows 8 the solution will also be simple: Don't buy Microsoft.
The whole intent of this kind of program is to gather data as to how real world users are using the software. What applications are they loading, what settings are they changing, where do they get hung up, do things crash, etc. Bringing people into a focus group or lab setting isn't going to give the same results.
Why not ask?
Name a browser that DOESN'T ping back home for auto-complete results? When you type into the address/search box, those results have to come from somewhere. The privacy policy is simply codifying this process.
Name a browser that doesn't allow you to turn it off.
Don't install the preview version for production purposes then.
This is telemetry from the preview version. You explicitly accept the telemetry when you join the preview program.
If you provide usage terms unacceptable to a significant subset of your guinea pigs your only shooting yourself in the foot.
Who wants to waste their time screwing with a new version of windows if it is going to spy on them?
If a larger corporation does not like that, even for testing purposes, then they can simply wait for the final (RTM) version.
No doubt when they complain about X, Y and Z in RTM the response will be they should have submitted feedback earlier during testing phase.
Tell me what larger corporation concerned about information control is going to accept anything close to that?
Why did this get modded down? DLP is a multi-billion dollar affair.. While you may have different opinion it is fair to reason corporations will not be letting employees screw with preview for fears of data leakage.
It's an early test program. The entire reason that it exists is to see how people use it, whether the UI decisions make sense, and what the designers overlooked. It is not intended for normal use and it is not intended for production environments.
Not intended for normal use or production environments.. yet they still want to collect feedback... which excludes normal use of product? How does this work? Lets be real it is one thing for MS to spout these things to set expectations and CYA...reality is with any public test release like this guinea pigs are exactly what they are seeking.
Whatever happened to.. you know asking people what they think? Perhaps have them take a survey?
Seems like a better strategy than getting egg on your face in public with draconian data collection regime which only yields bad press and ensures far fewer would be willing to use it in the first place.
This isnt a new thing either; CM tends to have one or two new fairly irritating bugs per release, and generally lacks the polish of google's stock android.
Being new to Android I was impressed as snot what all worked and stability of the platform compared with what had been previously used to dealing with.
So far my gripes tend to mysteriously correct themselves in the next M update without ever having filed a single bug report. Flashlight app missing from quick menu - next M release it was there.
WiFi tethering borked - working in following release.
Pocket dialed 911 thank you crappy emergency dialer new M release new feature to disable digitizer based on proximity sensor was included.
Few stability problems had been experiencing appear to have stemmed from allowing battery level to drop below 10% prior to placing it on the charger.
Only remaining OS issue is lack of synchronization between running apps and task list. If you kill an app outside of UI it still appears in task list even though it is not executing.
root (not really that important for 90% of people, and generally a nuisance as actual workplaces require you to unroot to use email).
I couldn't live without root. Application firewalling, full shell access, tcpdump and iptables. Full backup images take just minutes to sdcard, operating system upgrades are painless and take less than a minute to install. If you have some cheesy enterprise policy not allowing your device to email blame your work. Asking a device if it is trustworthy is the same as asking a liar if they are being truthful. So much of what constitutes "enterprise security" these days is based on fundamentally unwinnable and impractical propositions designed to check boxes rather than provide actual security.
As has been pointed out root does utterly break the security model of Android by allowing for actual rootkits and persistent threats.
You know how I got root to begin with? On my locked down non-root, boot locked carrier fucked consumer device with the latest available firmware? I spent 5 minutes on Google and installed an APK that gave it to me. WTF is up with that? Android security appears to be total SHIT. Too many vulnerabilities allowed to persist for too long without any mechanism to address vulns across the board.
In CM you still have to explicitly grant applications superuser privileges... superuser manager manages grants. Having root by itself does not in and of itself increase your risk exposure. Only being a sucker and allowing malware to run as root does that.
Shitware vendors can do plenty of damage and maintain persistent spyware without root.
said, 3rd party roms are great, but they really arent suitable for a lot of people unless those people have a specific thing theyre looking to fix.
The awesome thing here - even a small fraction of a lot of people still adds up to millions.
If you're referring to GApps, its pretty normal to add the latest GApps to CM when you flash it.
Major reason I installed CM I refuse to have anything to do with GApps.
If you're referring to the Apps, what do you suppose would happen to free apps in a world where everyone was running a hosts-based adblocker?
The app market is a total failure and this would be why. Everyone expects something for free and nobody is willing to pay for quality product resulting in predictable self-fulfilling prophecy.
I also think it is disingenuous to speak of in terms of advertising when 'ads' know your phone number and have access to your physical location we are really talking about spyware supported applications not advertising supported applications.
You're kidding right? At this point, CM is the Digg equivalent of mods. The users have been steadily moving on to third party to CM mods
Like what? Having looked most of them are not updated and none of them bother to support my device.
Have you actually read the Xen Project's policy at http://www.xenproject.org/secu... - it is really quite inclusive and doesn't really discriminate against small service providers.
This is one of those games you can't win.
Being inclusive means your opsec is shit and you have effectively blabbered to *everyone* who has a stake in knowing. A secret known by all is no secret.
I don't know you tell me what difference would mandating two cores or DX10 make? What is there to be gained?
This is something that has always bothered me. If a teenager is sexting her boyfriend or girlfriend and they happen to get the number number and send a pic to me, I have child porn on my phone. It doesn't matter how it got there. It doesn't matter how fast I delete it. If there ever happens to be any investigation of me for any reason and they check my SMS messages at the phone company,
Pictures are not transmitted via SMS rather SMS is used to communicate an Internet URL your phone must follow to download multimedia content. You can turn off the automatic downloading part and still receive normal text messages.
Be warned LEA's ability to generate pretext is BOUNDLESS... aggregation of illogical laws and otherwise voting for dimwits spewing "zero tolerance" just makes it easier for our kings to throw whomever they dislike into their dungeons.
It is hard to believe with 25% of the worlds prisoners and quadrupling of incarceration rates over the past 30 years there are still people who honestly believe that crap about the United States being a "nation of laws". Keep dreaming...